RVTools Exploited to Deliver Bumblebee Malware to Windows Users
On May 13, 2025, a sophisticated supply chain attack compromised the trusted VMware administration tool RVTools, turning it into a malware delivery platform. The attackers managed to replace the legitimate [...]
AutoIT Scripts Exploited to Deploy Windows Malware
Cybersecurity researchers have discovered a sophisticated malware campaign that leverages AutoIT, a scripting language known for its seamless integration with Windows environments. While AutoIT is often used for automation, threat [...]
Auth0-PHP Vulnerability: Unauthorized Access Risk
A critical vulnerability has been found in the Auth0-PHP SDK that could let attackers bypass authentication by brute-forcing session cookie tags. Auth0-PHP Vulnerability It affects version 8.0.0-BETA1 and newer when [...]
Cache Timing Bypasses Windows 11 KASLR, Reveals Kernel Base
Researchers have found a way to bypass Kernel Address Space Layout Randomization (KASLR) on fully updated Windows 11 systems using a cache timing side-channel attack. The method, based on the [...]
Zoom Phishing Steals Login Credentials
A new phishing campaign is tricking users with fake Zoom meeting invites that appear to come from coworkers. The scam uses familiar work-related messaging to steal login credentials. Researchers warn [...]
Get Social